Lucene search
GoogleOSV:CVE-2021-32707HistoryJul 12, 2021 - 7:15 p.m.
CVE-2021-32707
2021-07-1219:15:10
Google
osv.dev
7
nextcloud mail
privacy filter
image rendering
security patch
Nextcloud Mail is a mail app for Nextcloud. In versions prior to 1.9.6, the Nextcloud Mail application does not, by default, render images in emails to not leak the read state. The privacy filter failed to filter images with a background-image CSS attribute. Note that the images were still passed through the Nextcloud image proxy, and thus there was no IP leakage. The issue was patched in version 1.9.6 and 1.10.0. No workarounds are known to exist.
Related
nextcloud
nextcloud
Bypass of image blocking in Nextcloud Mail
2021-07-12 09:20:58
prion
prion
Design/Logic Flaw
2021-07-12 19:15:00
archlinux
archlinux
[ASA-202107-41] nextcloud-app-mail: information disclosure
2021-07-20 00:00:00
hackerone
hackerone
Nextcloud: Bypass of privacy filter / tracking pixel blocker
2021-06-02 09:59:35
nvd
nvd
CVE-2021-32707
2021-07-12 19:15:10
cve
cve
CVE-2021-32707
2021-07-12 19:15:10
cvelist
cvelist
CVE-2021-32707 Bypass of image blocking in Nextcloud Mail
2021-07-12 19:05:13